<?php
$sessionStarted = false;
if (!isset($back)){
		$back = "";
}else if (!isset($_SESSION['userid'])) {
	#session_start();
	$sessionStarted = true;
}
ob_start();
require_once("head.html"); 
?>

<body onload="drawCanvas()">
	<div id="wrapper">
		<header>
			<a href="index.php?logout=true">Log out</a>
		</header>
		<div id="content">
			<h1>Overview</h1>
			<hr />
			<?php
				include 'deletegoalfunction.php';
				
				
				if (!isset($del)) {
					$del = "";					
				} else if (!isset($_SESSION['userid']) && $sessionStarted == false) {
					session_start();
				}
				$email = "";
				$password = "";
				if ($del != "" || $back != "") {
					$email = $_SESSION['email'];
					$password = $_SESSION['password'];
					if ($del != "") {
						deleteGoal($del);
					}
				} else {
					$email = $_POST['email'];
					$password = $_POST['password'];
				}

				mysql_connect("localhost", "web964", "pass17") or die("Connection failed.");
				mysql_select_db("usr_web964_1") or die("Database does not exist.");

				$ergebnis = mysql_query("SELECT id, name, email, password FROM users WHERE email='$email' AND password='$password'");

				if (mysql_num_rows($ergebnis) == 0) {
					header("Location: index.php?login_error=");
					echo $email;
					exit;
				} else {
					if (!isset($_SESSION['userid'])) {
						#session_start();
					}

					while ($row = mysql_fetch_object($ergebnis)) {
						$userid = $row->id;
						$_SESSION['userid'] = $row->id;
						$_SESSION['username'] = $row->name;
						$_SESSION['email'] = $row->email;
						$_SESSION['password'] = $row->password;
						if ($row != "") {
							include ("goalstable.php");
						}
					}
				}
				echo "<hr />";
				echo "<a href=\"creategoal.php?userid=$userid\">new goal</a>";
				echo "</form>";
				echo "</div>";
				echo "<footer></footer>";
				echo "</div>";

				
			?>
</body>